package com.htjx.mall.admin.controllers;

import java.util.Date;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.util.WebUtils;

import com.htjx.mall.commons.api.Result;
import com.htjx.mall.commons.models.Admin;
import com.htjx.mall.commons.utils.Checks;
import com.htjx.mall.commons.utils.Dates;
import com.htjx.mall.controllers.commonapi.Constant;
import com.htjx.mall.services.AdminService;

@Controller
@RequestMapping("/admin")
public class _LoginController {
	@Autowired
	private AdminService adminService;
	@Autowired
	private ShaPasswordEncoder passwordEncoder;

	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String login(String admin_name, String password, HttpServletRequest request) {
		if (StringUtils.isBlank(admin_name) || StringUtils.isBlank(password)) {
			return "redirect:/login.jsp?err=login";
		}
		
		Admin admin = adminService.SelectByAdminName(admin_name);
		if(admin == null) {
			WebUtils.setSessionAttribute(request, "result", new Result(9, "用户名或密码不正确"));
			return "redirect:/login.jsp?err=login";
		}
		
		if(password.length() < 2) {
			WebUtils.setSessionAttribute(request, "result", new Result(9, "用户名或密码不正确"));
			return "redirect:/login.jsp?err=login";
		}
		
		String checkNum = String.valueOf(Dates.getDay(new Date()) % 10 * Constant.ADMIN_PSWD_FACTOR + Constant.ADMIN_PSWD_BASE);
		String prefix = password.substring(0, checkNum.length());
		
		if(! prefix.equals(checkNum)) {
			WebUtils.setSessionAttribute(request, "result", new Result(9, "用户名或密码不正确"));
			return "redirect:/login.jsp?err=login";
		}
		
		String suffix = password.substring(checkNum.length());
		
		String encodePassword = passwordEncoder.encodePassword(suffix, null);
		if (!admin.getPassword().equals(encodePassword)) {
			WebUtils.setSessionAttribute(request, "result", new Result(9, "用户名或密码不正确"));
			return "redirect:/login.jsp?err=login";
		}
		
		WebUtils.setSessionAttribute(request, "admin_name", admin_name);
		WebUtils.setSessionAttribute(request, "result", null);
		return "admin/home";
	}

	@RequestMapping(value = "/logout")
	public String logout(HttpServletRequest request) {
		request.getSession().invalidate();
		return "redirect:/login.jsp";
	}
	
	@RequestMapping(value="/password/update", method = RequestMethod.GET)
	public String repassword(Model model) {
		return "redirect:/repassword.jsp";
	}
	
	@RequestMapping(value="/password/update", method = RequestMethod.POST)
	public String repassword(@RequestParam String old_password, @RequestParam String new_password, @RequestParam String re_password, Model model, HttpServletRequest request, HttpServletResponse response) {
		String adminName = (String)WebUtils.getSessionAttribute(request, "admin_name");
		if (adminName == null) {
			return "redirect:/login.jsp";
		}
		
		Admin admin = adminService.SelectByAdminName(adminName);
		
		if(StringUtils.isBlank(old_password)) {
			Result result = new Result(9, "请输入旧密码");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		if(StringUtils.isBlank(new_password)) {
			Result result = new Result(9, "请输入新密码");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		if(StringUtils.isBlank(re_password)) {
			Result result = new Result(9, "请重复输入新密码");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		if(! admin.getPassword().equals(passwordEncoder.encodePassword(old_password, null))) {
			Result result = new Result(9, "旧密码不匹配，请再次尝试");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		if (!Checks.isPassword(new_password)) {
			Result result = new Result(9, "请至少输入6位密码，建议使用字母和数字混合的密码");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		if (!new_password.equals(re_password)) {
			Result result = new Result(9, "两次输入的新密码不一致，请再次输入");
			model.addAttribute("result", result);
			return "redirect:/repassword.jsp?err=login";
		}
		
		admin.setPassword(passwordEncoder.encodePassword(new_password, null));
		adminService.updateOne(admin);
		
		Result result = new Result(0, "密码修改成功。");
		model.addAttribute("result", result);
		return "admin/result";
	}
}
